<?php 
session_start();include "conn.php";
?>
<?php  include("admin.php");?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title> Bios 管理中心 </title>
<link href="../css/control.css" rel="stylesheet" type="text/css" />



</head>

<body>
<a name="top" id="top"></a>
<div id="all"><!--Wrap start //-->
<div id="main" class="clearfix"><!--main start //-->
<div id="top-1"><?php include_once('blog_top_btn.php');?>
</div>
<!--Content for  id "submenu" Goes Here //-->
<div id="submenu">
<?php include_once('admin_main_btn.php');?>
  </div>
 <!--Content for  id "contact" Goes Here //-->
 <div id="contact-admin">
   <table border="0" cellspacing="0" cellpadding="0">
     <tr>
       <td>選擇部門：</td>
     </tr>
     <tr>
       <td><ul>
         <li>       
           <input name="radiobutton" type="radio" value="radiobutton" checked="checked"  />
          編輯部</li>
		  
		  <li>       
           <input name="radiobutton3" type="radio" value="radiobutton" checked="checked"  />
          edit</li>
        
       </ul></td>
     </tr>
   </table>
   
   
   
   
   
   
   
   
   
   
   

   <?php 
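// Create ("add") or delete ("del") administrator accounts in the `guanli` table.
//
// Review notes:
//  - make_safe() is defined outside this file, so its escaping rules cannot be
//    confirmed here. Every quoted SQL value below depends on it. TODO confirm it
//    escapes for the active MySQL connection, or move to prepared statements.
//  - Neither action carries an anti-CSRF token, and "del" changes state on a plain
//    GET request. Both should require POST plus a per-session token.
//  - admin.php / check.php are presumably where the login and permission checks
//    live; nothing in this block checks the caller's rights itself. TODO confirm.

// Request values are read through isset() so a first page load (no query string,
// no POST body) does not raise "undefined index" notices. A missing key yields
// null, the same value the unguarded read produced.
$id=make_safe(isset($_GET["id"]) ? $_GET["id"] : null);
$action=make_safe(isset($_GET["action"]) ? $_GET["action"] : null);

// Field names come from these fixed lists, never from the request, so the
// variable-variable assignments can only create the variables listed here.
foreach (array("mastereditname","username","password","name","tel","email","msn","address") as $acc_field) {
	$$acc_field=make_safe(isset($_POST[$acc_field]) ? $_POST[$acc_field] : null);
}

// NOTE(review): the permission flags box1..box9 / a1..a9 are taken from the
// request as submitted, while the form on this page only sends box3. A caller can
// therefore post any flag value; the flags a given admin may grant should be
// decided on the server instead.
foreach (array("box1","box2","box3","box4","box5","box6","box7","box8","box9",
               "a1","a2","a3","a4","a5","a6","a7","a8","a9") as $acc_field) {
	$$acc_field=make_safe(isset($_POST[$acc_field]) ? $_POST[$acc_field] : null);
	// An absent or empty flag is stored as 0.
	if($$acc_field==""){$$acc_field=0;}
}
unset($acc_field);

include("check.php");


// ---- Add an account ----
if($action=="add"){
	if($mastereditname==""){
		echo"SORRY <br>";
		echo"请選擇master edit name!<a href='javascript:history.go(-1)'>返回重输</a><br>";
	}

	if($username==""){
		echo"SORRY <br>";
		echo"请输入管理員帳號!<a href='javascript:history.go(-1)'>返回重输</a><br>";
	}

	if($password==""){
		echo"SORRY <br>";
		echo"请输入管理員密碼!<a href='javascript:history.go(-1)'>返回重输</a><br>";
	}

	// The insert runs only when every field reported above is present. Previously a
	// missing master name printed the error and the row was still inserted.
	if($mastereditname!="" and $username!="" and $password!=""){

		// Reject a user name that already exists.
		$existing=mysql_query("select * from guanli where username = '$username'");
		$found=mysql_fetch_array($existing);
		if ($found!=false){
			// The name is emitted inside a <script> block, so it is encoded as a JS
			// string literal (with <, >, &, ' and " hex-escaped) rather than spliced
			// into the markup as-is.
			$notice=json_encode("[".$username."] 已有的[管理員帳號]！", JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
			if ($notice===false){
				// json_encode() fails on invalid UTF-8; fall back to the fixed text.
				$notice=json_encode("已有的[管理員帳號]！");
			}
			echo "<script> alert(".$notice.");history.back();</script>";
		}
		else
		{
			// NOTE(review): the password is stored as submitted, not hashed. Moving
			// to password_hash()/password_verify() must be done together with the
			// login code, which is not part of this file.
			//
			// The statement is kept out of $sql so later code on this page that runs
			// mysql_query($sql) cannot execute it a second time.
			$insert_sql="Insert Into guanli (username,password,mastereditname,name,tel,email,msn,address,box1,box2,box3,box4,box5,box6,box7,box8,box9,a1,a2,a3,a4,a5,a6,a7,a8,a9) Values('$username','$password','$mastereditname','$name','$tel','$email',
'$msn','$address','$box1','$box2','$box3','$box4','$box5','$box6','$box7','$box8','$box9','$a1','$a2','$a3','$a4','$a5','$a6','$a7','$a8','$a9')";
			$result=mysql_query($insert_sql);

			if ($result===false){
				// Do not report success when the insert failed.
				echo "<script> alert('管理員 增加失敗！');history.back();</script>";
			}
			else
			{
				echo "<script> alert('管理員 增加成功！');window.location.href='admin-acc-edit-add.php';</script>";
			}
		}
	}
}


// ---- Delete one or more accounts ----
if ($action=="del"){
	// $id is placed in an unquoted IN (...) list, where quote-escaping gives no
	// protection. Accept only a comma-separated list of decimal ids and rebuild the
	// list from integers. Assumes guanli.id is an integer column; TODO confirm.
	$id_list=trim((string)$id);
	if($id_list!="" && preg_match('/^[0-9]+(\s*,\s*[0-9]+)*\z/', $id_list)){
		$delete_sql="Delete from guanli  where id in (".implode(",", array_map("intval", explode(",", $id_list))).")";
		$result=mysql_query($delete_sql);

		echo "<script>window.location.href='admin_manage.php';</script>";
	}
}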
?>

   <form   action="?action=add" method="post" name="form1"  >
   
   
   <table border="0" cellspacing="0" cellpadding="0">
     <tr>
       <td>帳號權限設定：</td>
     </tr>
     <tr>
       <td><ul>
         <li>編輯部選這邊：</li>
        
		   
		   
		   <li>master name
		      <select name="mastereditname">
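		        <?php
	// Fill the "master name" <select> with accounts that have box2 set and box1 not set.
	// A session with box11 sees all of them; a session with box22 sees only its own account.
	//
	// $sql is reset first: when neither session flag is set it would otherwise still hold
	// whatever statement earlier code on this page left in it, and that statement would be
	// executed again here.
	$sql=null;
	if(isset($_SESSION["box11"]) && $_SESSION["box11"]==1){
		$sql="select * from guanli where   box1!='1'   and  box2='1' order by id desc ";
	}
	elseif(isset($_SESSION["box22"]) && $_SESSION["box22"]==1){
		// NOTE(review): the session user name is concatenated into the statement. Whether it
		// was escaped when it was put into the session cannot be seen from this file, so
		// confirm that, or bind it as a parameter.
		$sql="select * from guanli where   box1!='1'   and  box2='1' and username='".$_SESSION["username2"]."' order by id desc ";
	}
	$result=($sql!==null) ? mysql_query($sql) : false;
	while ($result && ($row=mysql_fetch_object($result))){
		// User names come from the database and are printed into an attribute and into
		// element text, so they are HTML-escaped once for both uses.
		$master_name=htmlspecialchars($row->username, ENT_QUOTES, 'UTF-8');
	?>
		        <option value="<?php echo $master_name;?>"><?php echo $master_name;?></option>
	<?php }?>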
              </select>
          </li>
         
       </ul></td>
     </tr>
     
   </table>
   
   
   
   
   
   <table border="0" cellspacing="0" cellpadding="0">
     <tr>
       <td colspan="2">帳號相關資訊：</td>
     </tr>
     
     
	 <tr>
       <td class="contact-admin-l">登入帳號：</td>
       <td class="contact-admin-r"><input name="username" id="username" type="text" class="contact-admin-keyin" onClick="Validate();"  onBlur="Validate();"  /> <input type="button" value="驗證帳號" onClick="Validate();"><span class="redText">*</span><div  id="msg"></div>
         <input type="hidden" name="box3" value="1" /></td>
     </tr>
     <tr>
       <td class="contact-admin-l">登入密碼：</td>
       <td class="contact-admin-r"><input name="password" type="password" class="contact-admin-keyin" /></td>
     </tr>
	 <tr> 
                  <td height="22" > <div align="right">確認密碼：</div></td>
                  <td ><span class="contact-admin-r">
                    <input name="conpassword" type="password" class="contact-admin-keyin"  />
                  </span></td>
        </tr>
	 
	 <tr>
       <td class="contact-admin-l">姓名：</td>
       <td class="contact-admin-r"><label for="textfield2"></label>
         <input name="name" type="text" class="contact-admin-keyin" id="textfield2" /></td>
     </tr>
	 
     <tr>
       <td class="contact-admin-l">電子郵件：</td>
       <td class="contact-admin-r"><input name="email" type="text" class="contact-admin-keyin"  /></td>
     </tr>
	 <tr>
       <td class="contact-admin-l">MSN：</td>
       <td class="contact-admin-r"><input name="msn" type="text" class="contact-admin-keyin"  /></td>
     </tr>
     <tr>
       <td class="contact-admin-l">連絡電話：</td>
       <td class="contact-admin-r"><input name="tel" type="text" class="contact-admin-keyin"  /></td>
     </tr>
     <tr>
       <td class="contact-admin-l">個人網址：</td>
       <td class="contact-admin-r"><input name="address" type="text" class="contact-admin-keyin"  /></td>
     </tr>
     <tr>
       <td class="contact-admin-l">&nbsp;</td>
       <td class="contact-admin-r">
         <input type="image" name="imageField" src="images/btn-add.gif"   onClick="return check(form1);"  />
      </td>
     </tr>
     <tr>
       <td class="contact-admin-l">&nbsp;</td>
       <td class="contact-admin-r">&nbsp;</td>
     </tr>
   </table>
   </form>
   
   
   
   
   
   
   
   
   
   
   
   
   
   
 </div>
</div><!-- main end //-->
</div><!--Wrap end //-->
<div id="botton">
 <?php include_once('blog_botton_btn.php');?>
</div>




   <script language="javascript">
	/**
	 * Pre-submit check for the "add administrator" form.
	 *
	 * Shows an alert, focuses the offending field and returns false for the first
	 * problem found. When every check passes it falls through without a return value.
	 *
	 * This is a convenience for the user only: a request sent without this page
	 * skips it entirely, so the server has to repeat every rule it relies on.
	 *
	 * @param form1 the form element passed in by the submit button's onClick handler
	 */
	function check(form1){
		// Alerts and focuses document.form1[field] when source[field] is empty.
		function requireFilled(source, field, message){
			if(source[field].value==""){
				alert(message);
				document.form1[field].focus();
				return false;
			}
			return true;
		}

		if(!requireFilled(document.form1, "mastereditname", "请選擇  mastereditname!")){ return false; }
		if(!requireFilled(document.form1, "username", "请输入管理員帳號!")){ return false; }
		// The password emptiness test reads the form handed in as the argument.
		if(!requireFilled(form1, "password", "请输入管理員 密碼!")){ return false; }

		// Password and confirmation must match.
		var entered=document.form1.password.value;
		var confirmed=document.form1.conpassword.value;
		if(entered!=confirmed){
			alert("對不起，您輸入的確認密碼不正確!");
			document.form1.conpassword.focus();
			return false;
		}

		// Remaining required contact fields, checked in the order they are reported.
		var contactFields=[
			["name", "请输入管理員 姓名!"],
			["email", "请输入管理員 電子郵件!"],
			["msn", "请输入管理員 MSN!"],
			["tel", "请输入管理員 聯絡電話!"],
			["address", "请输入管理員 個人網址!"]
		];
		for(var i=0;i<contactFields.length;i++){
			if(!requireFilled(document.form1, contactFields[i][0], contactFields[i][1])){ return false; }
		}
	}
</script>
   

<script type="text/javascript">
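var xmlobj;                                     // shared XMLHttpRequest object used by Validate()

/**
 * Creates the request object and stores it in the global xmlobj.
 * Uses the native XMLHttpRequest when the browser has one, otherwise the
 * ActiveX implementations offered by old Internet Explorer versions.
 * If every attempt fails, xmlobj is left as it was.
 */
function CreateXMLHttpRequest()
{
    if(window.XMLHttpRequest)
    {// browsers with a native XMLHttpRequest
        xmlobj=new XMLHttpRequest();
        if(xmlobj.overrideMimeType)
        {// set the MIME type used to interpret the response
            xmlobj.overrideMimeType("text/xml");
        }
    }
    else if(window.ActiveXObject)
    {// old Internet Explorer
        try
        {
            xmlobj=new ActiveXObject("Msxml2.XMLHttp");
        }
        catch(e)
        {
            try
            {
                // Fixed: the constructor name was misspelled "ActiveXobject", so this
                // fallback always threw and was silently discarded by the catch below.
                xmlobj=new ActiveXObject("Microsoft.XMLHttp");
            }
            catch(e)
            {
                // No implementation available; callers must cope with a missing xmlobj.
            }
        }
    }
}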
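/**
 * Asks request.php whether the typed user name is acceptable and shows the
 * answer in the #msg element. Does nothing while the user name field is empty.
 */
function Validate()
{
    if(document.form1.username.value!=""){
        CreateXMLHttpRequest();                 // create the request object
        if(!xmlobj){
            // No XMLHttpRequest implementation could be created; skip the lookup
            // instead of throwing on xmlobj.open().
            return;
        }
        // The value is percent-encoded so characters such as & # + or spaces stay part
        // of the username parameter instead of changing the query string.
        var showurl = "request.php?username=" + encodeURIComponent(document.getElementById("username").value);
        xmlobj.open("GET", showurl, true);          // asynchronous call to request.php
        xmlobj.onreadystatechange = StatHandler;    // handle state changes of the request
        xmlobj.send(null);                          // GET request: no body is sent
    }

    // Handles state changes of the request started above.
    function StatHandler()
    {
        if(xmlobj.readyState == 4 && xmlobj.status == 200)   // request finished successfully
        {
            // NOTE(review): the response is inserted as HTML. request.php is not shown here;
            // if it echoes the user name back without HTML-escaping, this renders markup
            // chosen by whoever supplied the name. Use textContent if the reply is plain
            // text, or make sure request.php escapes its output.
            document.getElementById("msg").innerHTML=xmlobj.responseText ;
        }
    }
}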
</script>


</body>
</html>
